summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/ssh2/Makefile8
-rw-r--r--security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config10
-rw-r--r--security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config19
3 files changed, 35 insertions, 2 deletions
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile
index 9d246a4..2cf8bd1 100644
--- a/security/ssh2/Makefile
+++ b/security/ssh2/Makefile
@@ -7,6 +7,7 @@
PORTNAME= ssh2
PORTVERSION= 3.2.9.1
+PORTREVISION= 1
CATEGORIES= security ipv6
# The list of official mirror sites is at:
# http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html
@@ -77,9 +78,12 @@ CONFIGURE_ARGS+= --enable-group-writeability
# Kerberos5 support in ssh2 is EXPERIMENTAL and requires MIT Kerberos,
# Heimdal is unsupported.
#
-.if defined(WITH_KERBEROS) && defined(KRB5_HOME) && \
- exists(${KRB5_HOME}/lib/libkrb5.a)
+.if !defined(WITHOUT_KERBEROS) && defined(KRB5_HOME) && \
+ exists(${KRB5_HOME}/lib/libk5crypto.a)
+LIB_DEPENDS+= krb5.3:${PORTSDIR}/security/krb5
CONFIGURE_ARGS+= --with-kerberos5=${KRB5_HOME} --disable-suid-ssh-signer
+EXTRA_PATCHES+= ${FILESDIR}/kerberos-patch-apps::ssh::ssh2_config \
+ ${FILESDIR}/kerberos-patch-apps::ssh::sshd2_config
.endif
.if defined(WITH_X11) || (exists(${X11BASE}/lib/libX11.a) \
diff --git a/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config b/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config
new file mode 100644
index 0000000..895d04d
--- /dev/null
+++ b/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config
@@ -0,0 +1,10 @@
+--- apps/ssh/ssh2_config.orig Wed Jan 21 19:14:28 2004
++++ apps/ssh/ssh2_config Wed Jan 21 19:26:01 2004
+@@ -76,6 +76,7 @@
+
+ # AllowedAuthentications publickey,keyboard-interactive,password
+ # AllowedAuthentications hostbased,publickey,keyboard-interactive,password
++ AllowedAuthentications kerberos-tgt-2@ssh.com,kerberos-2@ssh.com,password
+
+
+ # For ssh-signer2 (only effective if set in the global configuration
diff --git a/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config b/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config
new file mode 100644
index 0000000..089ccc5
--- /dev/null
+++ b/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config
@@ -0,0 +1,19 @@
+--- apps/ssh/sshd2_config.orig Wed Jan 21 19:12:25 2004
++++ apps/ssh/sshd2_config Wed Jan 21 19:24:11 2004
+@@ -101,6 +101,7 @@
+ # AllowedAuthentications publickey,password
+ # AllowedAuthentications hostbased,publickey,password
+ # AllowedAuthentications hostbased,publickey,keyboard-interactive
++ AllowedAuthentications kerberos-tgt-2@ssh.com,kerberos-2@ssh.com,password
+ # RequiredAuthentications publickey,password
+ # LoginGraceTime 600
+ # AuthInteractiveFailureTimeout 2
+@@ -169,7 +170,7 @@
+ # AllowGroups staff,users
+ # DenyGroups guest,anonymous
+ # PermitRootLogin yes
+-# PermitRootLogin nopwd
++ PermitRootLogin nopwd
+
+ ## Chrooted environment
+
OpenPOWER on IntegriCloud